Subject: RE: map "mark.info" in syslog.conf to syslog-ng.conf - msg#00093

Previous Message by Date: click to view message preview

Re: Syslog-ng log file overwrite

On Mon, 19 Mar 2007 18:38:30 BST, Balazs Scheidler said: > Do you need this information for locally generated messages or messages > that are received on a network? For local processes it should be > possible to get the sender's credentials, at least on some of the > platform that syslog-ng supports. What platform are you using? Note that as the Linux LSPP project has found out, "the sender's credentials" is a very squishy concept indeed. You already have a (admittedly possibly forged) process name/number in the message. The real gotcha is that the vast majority of the time, you already *know* the answer to this question - if it's sendmail, or ssh, or any one of the vast flock of daemon processes that do the majority of logging, it's "root" or "apache" or "cups" or similar. What you're often more interested in is "The identity of the user on who's behalf this message was generated". You already *know* that the message is from CUPS - what you want to know is which user's print job bombed and caused the message. pgpALpgbSD12P.pgp Description: PGP signature _______________________________________________ syslog-ng maillist - syslog-ng@xxxxxxxxxxxxxxxx https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html

Next Message by Date: click to view message preview

Syslog-NG and DNS

Bazsi,         A few months ago, I posted some information here about syslog-ng doing WAY too many nslookups for forwarding.  I remember you said you were going to patch the issue...  can you update me on where we stand with that?  It bit me again today on my other syslog-ng server.  Thank you! Chris Ivey Affiliated Computer Services Enterprise Management Integration Services Infrastructure Management Senior Analyst chris.ivey@xxxxxxxxxxx "When you find yourself in a hole, the best thing to do is stop digging!" -- Nick Stokes "I reject your reality, and substitute my own!" -- Adam Savage _______________________________________________ syslog-ng maillist - syslog-ng@xxxxxxxxxxxxxxxx https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html

Previous Message by Thread: click to view message preview

RE: map "mark.info" in syslog.conf to syslog-ng.conf

On Mon, 2007-03-19 at 10:48 -0400, Lily Feng wrote: > The syslog-ng could not support ---MARK----, right? > I used "-----STATS-------" instead of "------MARK-------". > syslog-ng can emit mark messages, check the mark_freq() option. -- Bazsi _______________________________________________ syslog-ng maillist - syslog-ng@xxxxxxxxxxxxxxxx https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html

Next Message by Thread: click to view message preview

Where is the download link for 2.0 ?

Everyplace on http://www.balabit.com I try just leads me to http://www.balabit.com/downloads/syslog-ng/2.0/ Thanks, Dave _______________________________________________ syslog-ng maillist - syslog-ng@xxxxxxxxxxxxxxxx https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html